implement participant migration procedure to enable LSU#5120
Conversation
[static] Signed-off-by: Mateusz Błażejewski <mateusz.blazejewski@digitalasset.com>
[static] Signed-off-by: Mateusz Błażejewski <mateusz.blazejewski@digitalasset.com>
[backport] ReminderPlease consider backporting to the following branches:
And your PR is currently against base branch: main. Note: Any PR comment containing [backport] will be considered for auto-backporting upon merge, |
Can you describe what happens in each step? It's a bit tricky to follow in the code. My understanding is:
|
| // the following will not be needed when the MIGRATION_ID gets removed from defaults | ||
| databaseName: `participant${migrationSuffix(migration?.id, '_')}`, | ||
| databaseName: | ||
| participant?.legacyDatabaseName ?? `participant${migrationSuffix(migration?.id, '_')}`, |
There was a problem hiding this comment.
not sure I understand why we need this. Can we not rely on the frozenMigrationId field?
| }; | ||
| migratingDatabaseInstanceName?: string; | ||
| migratingDatabaseSecretName?: string; | ||
| yieldManagement?: boolean; |
There was a problem hiding this comment.
do we use yieldManagement for more than setting retainOnDelete? If not maybe just call it retainOnDelete?
There was a problem hiding this comment.
It is used both on retainOnDelete and disabling the Pulumi protect option. The idea behind the name was that this flag in some sense makes the current stack yield the management of these resources. It does not yield it completely as a hypothetical modification afterwards would still be applied but it stops managing deletion. Now that I had to explain this I'm starting to lean towards something more specific like retainDbResourcesOnDelete.
| existingInstanceName !== undefined | ||
| ? { | ||
| import: existingInstanceName, | ||
| ignoreChanges: ['userLabels'], |
There was a problem hiding this comment.
why do these change?
There was a problem hiding this comment.
Because in the sv stack I generally tried to avoid using migration ID if it's not necessary. For example the participant instance is just called participant instead of participant-0. This also means that the migration_id label is not present in the sv stack deployment. To get the resource import to work I have to ignore this change as resource state and definition must be identical during the import. During the subsequent deployment (step 2) this label is actually removed.
@moritzkiefer-da your analysis is pretty much spot on. I've updated the PR description to make it more clear. |
moritzkiefer-da
left a comment
moritzkiefer-da
left a comment
There was a problem hiding this comment.
Thanks! lgtm minus the frozen migration id change
nicu-da
left a comment
nicu-da
left a comment
There was a problem hiding this comment.
Thanks! Nothing else to add compared to @moritzkiefer-da 's comments. Lets make sure we use the frozen migration id to avoid needing any other config changes for the migration.
| password: pulumi.Input<string>, | ||
| secretName: string, | ||
| existingSecretName?: string, | ||
| yieldManagement: boolean = false |
There was a problem hiding this comment.
Why the yieldManagement naming?
…agement [static] Signed-off-by: Mateusz Błażejewski <mateusz.blazejewski@digitalasset.com>
3 participants
The migration procedure is done in two steps:
svstacks and prepare them to be removed from thesv-cantonstacks. To do this:synchronizerMigration.active.migrateParticipantsFromSvCantonToSvset totruesv-cantonstacks, down participant chart fromsv-cantonand bring it up from thesvstack. Restarting the participant is also necessary due to DB user's password change. The password cannot be migrated. To do this:synchronizerMigration.active.migrateParticipantsFromSvCantonToSvsynchronizerMigration.active.enableLogicalSynchronizerDeploymentModetotruesynchronizerMigration.frozenMigrationIdis set